<?php /* ADMIN $Id: vw_usr_roles.php,v 1.10.8.1 2007/01/31 09:36:52 ajdonnison Exp $ */
GLOBAL $AppUI, $user_id, $canEdit, $canDelete, $tab;

if (!defined('DP_BASE_DIR')) {
	die('You should not access this file directly');
}

//$roles
// Create the roles class container
require_once DP_BASE_DIR."/modules/system/roles/roles.class.php";

$perms =& $AppUI->acl();
$user_roles = $perms->getUserRoles($user_id);
$crole =& new CRole;
$roles = $crole->getRoles();
// Format the roles for use in arraySelect
$roles_arr = array();
foreach ($roles as $role) {
  $roles_arr[$role['id']] = $role['name'];
}

?>

<script language="javascript">
<?php
// security improvement:
// some javascript functions may not appear on client side in case of user not having write permissions
// else users would be able to arbitrarily run 'bad' functions
if ($canEdit) {
?>
function delIt(id) {
	if (confirm( 'Are you sure you want to delete this role?' )) {
		var f = document.frmPerms;
		f.del.value = 1;
		f.role_id.value = id;
		f.submit();
	}
}
<?php
}?>

</script>

<?php if ($canEdit) {?>
<table width="100%" border="0" cellpadding="3" cellspacing="0" class="infopanel">
<form name="frmPerms" method="post" action="?m=admin">
	<input type="hidden" name="del" value="0">
	<input type="hidden" name="dosql" value="do_userrole_aed">
	<input type="hidden" name="user_id" value="<?php echo $user_id;?>">
	<input type="hidden" name="user_name" value="<?php echo $user_name;?>">
	<input type="hidden" name="role_id" value="">
<tr>
	<td>&nbsp;</td>
	<td align="right"><?php echo $AppUI->_('Role');?>:</td>
	<td><?php echo arraySelect($roles_arr, 'user_role', 'size="1" class="text"','', true);?></td>
	<td>
		<input type="reset" value="<?php echo $AppUI->_('clear');?>" class="button" name="sqlaction" onClick="clearIt();">
	</td>
	<td width="100%">
		<input type="submit" value="<?php echo $AppUI->_('add');?>" class="button" name="sqlaction2">
	</td>
</tr>
</form>
</table>
<?php } ?>

<table width="100%" border="0" cellpadding="2" cellspacing="1" class="list">
<tr class="info">
	<th width="24px">&nbsp;</th>
	<th><?php echo $AppUI->_('Role');?></th>
	<th class="last">&nbsp;</th>
</tr>

<?php
$n = 1;
foreach ($user_roles as $row){
	$buf = '<td>'.$n.'</td>';

	$style = $n % 2 == 1 ? 'first' : 'second';
	$buf .= '<td width="100%">' . $row['name'] . '</td>';

	$buf .= '<td nowrap>';
	if ($canEdit) {
		$buf .= '<img class="clickable" '.
					' src="images/delete_role.gif" '.
					' onclick="delIt('.$row['id'].')" '.
					' title="'.$AppUI->_('delete').'">';
	}
	$buf .= '</td>';

	echo '<tr class="'.$style.'">'.$buf.'</tr>';
}
?>
</table>
